40acf92d354eaaf15a9aa79e850f59bd_JaffaCakes118 | Triage

Sharing

General

Target

40acf92d354eaaf15a9aa79e850f59bd_JaffaCakes118
Size

19KB
MD5

40acf92d354eaaf15a9aa79e850f59bd
SHA1

9b7bb6281c93ef86129044a83838590dd2c723e8
SHA256

c5850ddacb3c9679391291dd2a2367d5bf5c1ae8fac4f68e2d615dfe784ca014
SHA512

207b19bdc4632ba2455617aa164713e28a640b2c9067ac2f8a9861d699c34781296a364e3940eeb2e4833c7335fe9a5f766b1f3b116ab5572858982160784a16
SSDEEP

384:sc2pP0cn2yxFAc7e7aykRGnP2CgGPoFe6fVQKOK6IM:JcnFAXajCgGwVfGK6IM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40acf92d354eaaf15a9aa79e850f59bd_JaffaCakes118

Files

40acf92d354eaaf15a9aa79e850f59bd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5d270ca933ebd428754f1a8516c159bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
FreeLibrary
GetCurrentProcess
GetProcessHeap
GlobalAlloc
CreateEventA
GetFileAttributesA
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
GetModuleHandleA
CloseHandle
lstrcpyA
SetFilePointer
RtlUnwind
lstrcmpA
CreateFileA

user32

EndPaint
DestroyWindow
GetWindowRect
GetFocus
GetClientRect
SendMessageA
RegisterWindowMessageA
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
wsprintfA

advapi32

RegQueryValueExA
RegCloseKey

wininet

InternetConnectA

Exports

Exports

food
grab
plum

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ